avataoTools introduces popular security tools

Written by Gábor Pék

One of the most difficult parts in IT security is to get started. There are zillions of interesting topics all around, but if you are completely new in this area you can easily get lost. Fortunately, there are a massive number of security tools online that help you to solve complex problems faster and easier even if you do not understand all the backgrounds. Distributions like Kali Linux, for example, are heavily armoured by the most recent security tools to help you automatize your daily routines in penetration testing. Such tools, however, are not only for beginners.


As Charlie Miller said in his interview “security is best learned by doing.” Today, everybody is using security tools, because we do not have time to implement everything from scratch. At the same time, if a new problem emerges someone is going to release a tool very soon. These tools are among the key driving forces of IT security. Experts like j00ru use all the classics such as IDA Pro or peda. Top CTF teams such as CyKor heavily use FiddlerParos and Burp Suite for web challenges. Long story short, tools are essential in IT security.

All right, I have tools, but how can I try them out?

As the question above says another problem is that the use case (e.g., network traffic to analyze a problem, memory snapshot to find a specific code loading technique) is missing most of the time. If we lack such use cases, the tool and the corresponding problem cannot be understood well. Creating such use cases, however, is time consuming and requires substantial expertise.

We now launch tutorials called avataoTools for various security tools with real use cases to help people to get familiar with the tools needed to solve IT security problems. All the tutorials are created by field experts and provide a step-by-step description for a problem that a given tool tackles. These preconfigured use cases (e.g., files, prepared environments) highlight the features and advantages of these tools and prepare the users to apply these tools later on.

Our first tutorials drive you through a handful of security tools:

Wireshark and nmap tutorials are coming soon.

Comment if you have suggestions for other interesting tools! We are looking forward to your feedback.

Related Articles

The Tutorial Framework: Containerizing IT Security Knowledge

The Tutorial Framework: Containerizing IT Security Knowledge

How can we make security education a whole lot more accessible and fun? The tutorial framework is the answer. In this article we dive into how to create interactive learning environments running inside containers. The Phantom Menace Something is not quite right with...

How cybersecurity contributes value to business

How cybersecurity contributes value to business

Cybersecurity: a tough reality Cybersecurity is an inherently negative asset. As with any protective measure, the major challenge is to measure the value (or Return on Investment, ROI) of cybersecurity. It is significantly more difficult to make this value apparent to...